The present disclosure relates to the field of computers, and particularly to computers that communicate via a network. More particularly, the present disclosure relates to authentication of computers that communicate via a network.
Computer resources include hardware (e.g., servers, storage devices, printers, etc.) as well as software (e.g., applications, databases, etc.) and services. Such computer resources may be on a network, thus allowing remote access by a user, or local, such that the user is able to directly access the computer resources. Examples of services include, but are not limited to, services that provide interactions with organizations, social networks, etc.
In order to access such computer resources, the user is often required to identify himself/herself, in order to allow the system to keep a record of which user accesses the computer resources, to ensure that only authorized users are accessing the computer resources, to challenge the user (e.g., for security purposes), etc.
However, if the user simply identifies himself/herself with a name (e.g., a given name, a name of an email address, etc.), then there is little security. That is, it is a trivial process for an unauthorized/improper user to simply lie about his/her name when accessing such computer resources. Therefore, various types of security measures can be taken.
For example, the user may be required to identify himself/herself with a password or token. But a password or token is may be easy for the user to forget, and for improper parties to steal.
The user may be required to identify himself/herself by presenting a biometric signature (e.g., a fingerprint, retina scan, etc.), but this requires additional hardware (biometric scanners).
The user may be associated with the computer from which he/she is working (e.g., as identified by an internet protocol (IP) address or a media access control (MAC) address or a universal unique identifier (UUID) for that computer). However, this only identifies the computer, not the user.
Thus, the prior art does not truly identify “who” the user is. Rather, the “identity” of the user in the prior art is based on the user's given name, the user's password, the user's biometrics, or the user's computer. None of these items provide a true identity of the user, particularly when accessing various computer resources and/or services.